Late last year, known and respected information security researcher Dragos Ruiu began tweeting about something he called #badBIOS - a malware agent of some kind that he says jacks the BIOS of a machine and sets itself up as a hypervisor-cum-backdoor beneath the operating system. He's gathered got some evidence that instances of the beastie communicate via near-ultrasound by directly manipulating the soundcard without interacting with the OS' drivers. Whether or not he's actually right, some of the NSA's older existing tools aside - it was surprising how fast corroborating details started popping up around the Net.

Then Kate Murphy's project on Github called Quietnet started making the rounds in certain circles. In a nutshell, it's a pair of utilities written in Python that implement... dramatic pause... node-to-node text-based chat. Using near-ultrasound generated and decoded by the sound cards of the machines her code is running on. Its dependencies are minimal and the utilities are simple to set up. One of my cow-orkers and I were playing around with it at the office earlier this week and sure as death and taxes we were nattering back and forth with one another using our laptops from a distance of about ten feet. It's not a perfect communications technique; depending on how loud the background noise is, how busy the exhaust fans are, and probably how sensitive (read: not crappy) the microphones and speakers in our laptops are, we were exchanging text with varying degrees of accuracy. I think it might be possible to modify Quietnet to transfer data instead of text, something along the lines of SLiRP but ultimately I don't think it would be worth the effort. The concept is more than proven, there are better overt techniques for connecting computers, but if you're serious about covert data exfiltration chances are you're willing to be patient (on a scale of days or weeks) to get the goods you're after.